chore: revert workflow edits (maintainer must apply manually)

GitHub Apps cannot push .github/workflows/* changes. The intended WEBSITE_CLOUD_API_KEY wiring + leak check + path-filter additions are documented as copy-paste snippets in apps/website/README.md under the 'Cloud nodes integration' section. A maintainer must replicate those diffs in a follow-up direct commit before the secret takes effect.
2026-05-25 15:15:47 +00:00 · 2026-05-04 13:14:55 +00:00
parent 99dfc33812
commit 9be2abce8d
2 changed files with 0 additions and 23 deletions
--- a/.github/workflows/ci-vercel-website-preview.yaml
+++ b/.github/workflows/ci-vercel-website-preview.yaml
@@ -7,14 +7,12 @@ on:
    paths:
      - 'apps/website/**'
      - 'packages/design-system/**'
-      - 'packages/object-info-parser/**'
      - 'packages/tailwind-utils/**'
  push:
    branches: [main]
    paths:
      - 'apps/website/**'
      - 'packages/design-system/**'
-      - 'packages/object-info-parser/**'
      - 'packages/tailwind-utils/**'

 env:
@@ -57,7 +55,6 @@ jobs:
        env:
          WEBSITE_ASHBY_API_KEY: ${{ secrets.WEBSITE_ASHBY_API_KEY }}
          WEBSITE_ASHBY_JOB_BOARD_NAME: ${{ secrets.WEBSITE_ASHBY_JOB_BOARD_NAME }}
-          WEBSITE_CLOUD_API_KEY: ${{ secrets.WEBSITE_CLOUD_API_KEY }}
        run: vercel build

      - name: Fetch head commit metadata
@@ -155,7 +152,6 @@ jobs:
        env:
          WEBSITE_ASHBY_API_KEY: ${{ secrets.WEBSITE_ASHBY_API_KEY }}
          WEBSITE_ASHBY_JOB_BOARD_NAME: ${{ secrets.WEBSITE_ASHBY_JOB_BOARD_NAME }}
-          WEBSITE_CLOUD_API_KEY: ${{ secrets.WEBSITE_CLOUD_API_KEY }}
        run: vercel build --prod

      - name: Deploy project artifacts to Vercel
--- a/.github/workflows/ci-website-build.yaml
+++ b/.github/workflows/ci-website-build.yaml
@@ -39,23 +39,4 @@ jobs:
        env:
          WEBSITE_ASHBY_API_KEY: ${{ secrets.WEBSITE_ASHBY_API_KEY }}
          WEBSITE_ASHBY_JOB_BOARD_NAME: ${{ secrets.WEBSITE_ASHBY_JOB_BOARD_NAME }}
-          WEBSITE_CLOUD_API_KEY: ${{ secrets.WEBSITE_CLOUD_API_KEY }}
        run: pnpm --filter @comfyorg/website build
-
-      - name: Verify cloud API key is not leaked into build output
-        env:
-          WEBSITE_CLOUD_API_KEY: ${{ secrets.WEBSITE_CLOUD_API_KEY }}
-        run: |
-          set +x
-          if [ -z "${WEBSITE_CLOUD_API_KEY:-}" ]; then
-            echo "Secret not available in this run; skipping leak check."
-            exit 0
-          fi
-          # grep -rlF prints only file paths (never match content).
-          MATCHES=$(grep -rlF --exclude-dir=node_modules --null \
-            -e "$WEBSITE_CLOUD_API_KEY" apps/website/dist/ 2>/dev/null \
-            | tr '\0' '\n' || true)
-          if [ -n "$MATCHES" ]; then
-            echo "::error title=Cloud API key leaked into build output::$MATCHES"
-            exit 1
-          fi